|
279821
|
- |
|
hp
|
enterprise_maps
|
HP Enterprise Maps 1.00 allows remote authenticated users to read arbitrary files via a WSDL document containing an XML external entity declaration in conjunction with an entity reference within a Ge…
|
CWE-200
Information Exposure
|
CVE-2014-4669
|
2024-11-21 11:10 |
2014-06-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
279822
|
- |
|
piwigo
|
piwigo
|
SQL injection vulnerability in the photo-edit subsystem in Piwigo 2.6.x and 2.7.x before 2.7.0beta2 allows remote authenticated administrators to execute arbitrary SQL commands via the associate[] fi…
|
CWE-89
SQL Injection
|
CVE-2014-4649
|
2024-11-21 11:10 |
2014-06-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
279823
|
- |
|
piwigo
|
piwigo
|
Unspecified vulnerability in Piwigo before 2.6.3 has unknown impact and attack vectors, related to a "security failure."
|
NVD-CWE-noinfo
|
CVE-2014-4648
|
2024-11-21 11:10 |
2014-06-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
279824
|
- |
|
dlink
|
dsl-2760u-e1
|
Cross-site scripting (XSS) vulnerability in dhcpinfo.html in D-link DSL-2760U-E1 allows remote attackers to inject arbitrary web script or HTML via a hostname.
|
CWE-79
Cross-site Scripting
|
CVE-2014-4645
|
2024-11-21 11:10 |
2014-06-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
279825
|
- |
|
cacti
|
superlinks
|
SQL injection vulnerability in superlinks.php in the superlinks plugin 1.4-2 for Cacti allows remote attackers to execute arbitrary SQL commands via the id parameter.
|
CWE-89
SQL Injection
|
CVE-2014-4644
|
2024-11-21 11:10 |
2014-06-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
279826
|
- |
|
coreftp
|
core_ftp
|
Multiple heap-based buffer overflows in the client in Core FTP LE 2.2 build 1798 allow remote FTP servers to cause a denial of service (application crash) and possibly execute arbitrary code via a lo…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2014-4643
|
2024-11-21 11:10 |
2014-06-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
279827
|
- |
|
gnupg
debian
opensuse
|
gnupg
debian_linux
opensuse
|
The do_uncompress function in g10/compress.c in GnuPG 1.x before 1.4.17 and 2.x before 2.0.24 allows context-dependent attackers to cause a denial of service (infinite loop) via malformed compressed …
|
CWE-20
Improper Input Validation
|
CVE-2014-4617
|
2024-11-21 11:10 |
2014-06-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
279828
|
- |
|
phpmyadmin
|
phpmyadmin
|
Multiple cross-site scripting (XSS) vulnerabilities in phpMyAdmin 4.1.x before 4.1.14.1 and 4.2.x before 4.2.4 allow remote authenticated users to inject arbitrary web script or HTML via a crafted ta…
|
CWE-79
Cross-site Scripting
|
CVE-2014-4349
|
2024-11-21 11:10 |
2014-06-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
279829
|
- |
|
phpmyadmin
|
phpmyadmin
|
Multiple cross-site scripting (XSS) vulnerabilities in phpMyAdmin 4.2.x before 4.2.4 allow remote authenticated users to inject arbitrary web script or HTML via a crafted (1) database name or (2) tab…
|
CWE-79
Cross-site Scripting
|
CVE-2014-4348
|
2024-11-21 11:10 |
2014-06-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
279830
|
- |
|
linux
canonical
|
linux_kernel
ubuntu_linux
|
arch/x86/kernel/entry_32.S in the Linux kernel through 3.15.1 on 32-bit x86 platforms, when syscall auditing is enabled and the sep CPU feature flag is set, allows local users to cause a denial of se…
|
CWE-189
Numeric Errors
|
CVE-2014-4508
|
2024-11-21 11:10 |
2014-06-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
